4 matches found
CVE-2024-12448
creationtimestamp| type| source ---|---|--- 2024-12-14 05:48:42+00:00| seen| https://infosec.exchange/users/cve/statuses/113649603208423193 2024-12-14 06:49:45+00:00| seen| https://t.me/cvedetector/12919...
CVE-2024-12448 Posts and Products Views for WooCommerce <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Posts and Products Views for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'papvfwcviews' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-12448
CVE-2024-12448 affects Posts and Products Views for WooCommerce (WordPress plugin). Root cause: insufficient input sanitization and output escaping on user-supplied attributes in the plugin shortcode papvfwc_views, enabling stored Cross-Site Scripting. Impact: authenticated attackers with contrib...
CVE-2024-12448 Posts and Products Views for WooCommerce <= 2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Posts and Products Views for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'papvfwcviews' shortcode in all versions up to, and including, 2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...